Hi folks. I’ve got a 2.7 deployment and have been banging my head for a while trying to get ldap+shibboleth working. I can easily add myself as an authorized user but any subsequent users fail to fetch principal info. I haven’t found a heck of a lot of meat googling around for the issue. Thoughts? I get a feeling it has to do with lining up shib + ldap’s attributes but I can’t seem to use custom attrs on the shib side (like I had our idm folks expose a field named posixAccountuidNumber but using that just completely breaks shib auth (Invalid saml attributes). I’m trying to key off our employee number instead…